<?xml version="1.0" encoding="utf-8"?>
<!-- This Source Code Form is subject to the terms of the Mozilla Public
   - License, v. 2.0. If a copy of the MPL was not distributed with this
   - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
  "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"[
  <!ENTITY % brandDTD SYSTEM "chrome://branding/locale/brand.dtd" >
  %brandDTD;
]>

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Glossary</title>
<link rel="stylesheet" href="helpFileLayout.css"
  type="text/css"/>
</head>
<body>

<div class="boilerPlate">This glossary is provided for your information only,
  and is not meant to be relied upon as a complete or authoritative description
  of the terms defined below or of the privacy and/or security ramifications of
  the technologies described.</div>

<h1 id="glossary">Glossary</h1>

<dl>

<dt id="add-on">add-on</dt><dd>A piece of software that can be added to
  &brandShortName; to change its appearance, behavior, or to add new features.
  It can also change the language shown in the user interface. See also
  <a href="#extension">extension</a>, <a href="#language_pack">language
  pack</a>, <a href="#plugin">plugin</a>, and <a href="#theme">theme</a>.</dd>

<dt id="authentication">authentication</dt><dd>The use of a password,
  certificate, personal identification number (PIN), or other information to
  validate an identity over a computer network. See also
  <a href="#password-based_authentication">password-based authentication</a>,
  <a href="#certificate-based_authentication">certificate-based
  authentication</a>, <a href="#client_authentication">client
  authentication</a>, <a href="#server_authentication">server
  authentication</a>.</dd>

<dt id="bookmark">bookmark</dt><dd>A stored <a href="#web_page">web page</a>
  address (<a href="#url">URL</a>) that you can go to easily by clicking a
  bookmark icon in the <a href="#personal_toolbar">Personal Toolbar</a> or
  choosing the bookmark&apos;s name from the Bookmarks menu.</dd>

<dt id="ca">CA</dt><dd>See <a href="#certificate_authority">certificate
  authority (CA)</a></dd>

<dt id="ca_certificate">CA certificate</dt><dd>A certificate that
  identifies a certificate authority. See also
  <a href="#certificate_authority">certificate authority (CA)</a>,
  <a href="#subordinate_ca">subordinate CA</a>, <a href="#root_ca">root
  CA</a>.</dd>

<dt id="cache">cache</dt><dd>A collection of web page copies stored
  on your computer&apos;s hard disk or in its random-access memory (RAM). The
  browser accumulates these copies as you browse the Web. When you click a link
  or type a <a href="#url">URL</a> to fetch a particular web page for which the
  cache already contains a copy, the browser compares the cached copy to the
  original. If there have been no changes, the browser uses the cached copy
  rather than refetching the original, saving processing and download
  time.</dd>

<dt id="caret_browsing">caret browsing</dt><dd>A &brandShortName; feature that
  allows you to navigate through text in Web pages and email messages (or this
  Help window) with a caret. Using your keyboard, you can navigate and select
  text like you do in a text editor. You can turn caret browsing mode on or off
  by pressing the <kbd>F7</kbd> key. Caret browsing mode can also be enabled or
  disabled in Advanced Preferences - Keyboard Navigation.</dd>

<dt id="certificate">certificate</dt><dd>The digital equivalent of an ID card.
  A certificate specifies the name of an individual, company, or other entity
  and certifies that a public key, which is included in the certificate,
  belongs to that entity. When you digitally sign a message or other data, the
  digital signature for that message is created with the aid of the private key
  that corresponds to the public key in your certificate. A certificate is
  issued and digitally signed by a <a href="#certificate_authority">certificate
  authority (CA)</a>. A certificate&apos;s validity can be verified by checking
  the CA&apos;s <a href="#digital_signature">digital signature</a>. Also called
  digital ID, digital passport, public-key certificate, X.509 certificate, and
  security certificate. See also <a href="#public-key_cryptography">public-key
  cryptography</a>.</dd>

<dt id="certificate_authority">certificate authority (CA)</dt><dd>A service
  that issues a certificate after verifying the identity of the person or
  entity the certificate is intended to identify. A CA also renews and revokes
  certificates and generates a list of revoked certificates at regular
  intervals. CAs can be independent vendors or a person or organization using
  certificate-issuing server software (such as &brandShortName; Certificate
  Management System). See also <a href="#certificate">certificate</a>,
  <a href="#crl">CRL (certificate revocation list)</a>.</dd>

<dt id="certificate_backup_password">certificate backup password</dt><dd>A
  password that protects a certificate that you are backing up or have
  previously backed up. Certificate Manager asks you to set this password when
  you back up a certificate, and requests it when you attempt to restore a
  certificate that has previously been backed up.</dd>

<dt id="certificate-based_authentication">certificate-based
  authentication</dt><dd>Verification of identity based on certificates and
  public-key cryptography. See also
  <a href="#password-based_authentication">password-based
  authentication</a>.</dd>

<dt id="certificate_chain">certificate chain</dt><dd>A hierarchical series of
  certificates signed by successive certificate authorities. A CA certificate
  identifies a <a href="#certificate_authority">certificate authority (CA)</a>
  and is used to sign certificates issued by that authority. A CA certificate
  can in turn be signed by the CA certificate of a parent CA and so on up to a
  <a href="#root_ca">root CA</a>.</dd>

<dt id="certificate_fingerprint">certificate fingerprint</dt><dd>
  A unique number associated with a certificate. The number is not part of
  the certificate itself but is produced by applying a mathematical function to
  the contents of the certificate. If the contents of the certificate change,
  even by a single character, the function produces a different number.
  Certificate fingerprints can therefore be used to verify that certificates
  have not been tampered with.</dd>

<dt id="certificate_manager">Certificate
  Manager</dt><dd>The part of the browser that allows you to view and manage
  certificates. To view the main Certificate Manager window: Open the
  <span class="mac">&brandShortName;</span> <span class="noMac">Edit</span>
  menu, choose Preferences, click Privacy and Security, and then click Manage
  Certificates.</dd>

<dt id="certificate_renewal">certificate renewal</dt><dd>The process of
  renewing a <a href="#certificate">certificate</a> that is about to
  expire.</dd>

<dt id="certificate_verification">certificate verification</dt><dd>When
  <a href="#certificate_manager">Certificate Manager</a> verifies a
  certificate, it confirms that the digital signature was created by a CA whose
  own CA certificate is both on file with Certificate Manager and marked as
  trusted for issuing that kind of certificate. It also confirms that the
  certificate being verified has not itself been marked as untrusted. Finally,
  if the <a href="#ocsp">OCSP (Online Certificate Status Protocol)</a> has been
  activated, Certificate Manager also performs an online check. It does so by
  looking up the certificate in a list of valid certificates maintained at a
  <a href="#url">URL</a> that is specified either in the certificate itself or
  in the browser&apos;s Validation preferences. If any of these checks fail,
  Certificate Manager marks the certificate as unverified and won&apos;t
  recognize the identity it certifies.</dd>

<dt id="cipher">cipher</dt><dd>See
  <a href="#cryptographic_algorithm">cryptographic algorithm</a>.</dd>

<dt id="client">client</dt><dd>Software (such as browser software) that sends
  requests to and receives information from a <a href="#server">server</a>,
  which is usually running on a different computer. A computer on which client
  software runs is also described as a client.</dd>

<dt id="client_authentication">client authentication</dt><dd>The process of
  identifying a <a href="#client">client</a> to a <a href="#server">server</a>,
  for example with a name and password or with a
  <a href="#client_ssl_certificate">client SSL certificate</a> and some
  digitally signed data. See also <a href="#ssl">SSL (Secure
  Sockets Layer)</a>, <a href="#server_authentication">server
  authentication</a>.</dd>

<dt id="client_ssl_certificate">client SSL certificate</dt><dd>A certificate
  that a <a href="#client">client</a> (such as browser software) presents to a
  <a href="#server">server</a> to authenticate the identity of the client
  (or the identity of the person using the client) using the
  <a href="#ssl">SSL (Secure Sockets Layer)</a> protocol. See
  also <a href="#client_authentication">client authentication</a>.</dd>

<dt id="component_bar">Component Bar</dt><dd>The toolbar located at the bottom
  left of any &brandShortName; window. The Component Bar allows you to switch
  between &brandShortName; components by clicking icons for Browser,
  Mail &amp; Newsgroups, Composer, and so on.</dd>

<dt id="cookie">cookie</dt><dd>A small bit of information stored on your
  computer by some <a href="#website">websites</a>. When you visit such a
  website, the website asks your browser to place one or more cookies on your
  hard disk. Later, when you return to the website, your browser sends the
  website the cookies that belong to it. Cookies help websites keep track of
  information about you, such as the contents of your shopping cart. You can set
  your cookie preferences to control how cookies are used and how much
  information you are willing to let websites store on them. See also
  <a href="#third-party_cookie">third-party cookie</a>.</dd>

<dt id="cookie_manager">Cookie Manager</dt><dd>The part of the browser
  that you can use to control <a href="#cookie">cookies</a>.</dd>

<dt id="crl">CRL (certificate revocation list)</dt><dd>A list of revoked
  certificates that is generated and signed by a
  <a href="#certificate_authority">certificate authority (CA)</a>. You can
  download the latest CRL to your browser or to a server, then check against it
  to make sure that certificates are still valid before permitting their use
  for authentication.</dd>

<dt id="cryptographic_algorithm">cryptographic algorithm</dt><dd>A set of
  rules or directions used to perform cryptographic operations such as
  <a href="#encryption">encryption</a> and
  <a href="#decryption">decryption</a>. Sometimes called a
  <em>cipher.</em></dd>

<dt id="cryptography">cryptography</dt><dd>The art and practice of scrambling
  (encrypting) and unscrambling (decrypting) information. For example,
  cryptographic techniques are used to scramble an unscramble information
  flowing between commercial websites and your browser. See also
  <a href="#public-key_cryptography">public-key cryptography</a>.</dd>

<dt id="decryption">decryption</dt><dd>The process of unscrambling data that
  has been encrypted. See also <a href="#encryption">encryption</a>.</dd>

<dt id="digital_id">digital ID</dt><dd>
  See <a href="#certificate">certificate</a>.</dd>

<dt id="digital_signature">digital signature</dt><dd>A code created from both
  the data to be signed and the private key of the signer. This code is unique
  for each new piece of data. Even a single comma added to a message changes
  the digital signature for that message. Successful validation of your digital
  signature by appropriate software not only provides evidence that you
  approved the transaction or message, but also provides evidence that the data
  has not changed since you digitally signed it. A digital signature has
  nothing to do with a handwritten signature, although it can sometimes be used
  for similar legal purposes. See also
  <a href="#nonrepudiation">nonrepudiation</a>,
  <a href="#tamper_detection">tamper detection</a>.</dd>

<dt id="distinguished_name">distinguished name (DN)</dt><dd>A specially
  formatted name that uniquely identifies the subject of a
  <a href="#certificate">certificate</a>.</dd>

<dt id="do_not_track">Do Not Track</dt><dd>A mechanism that allows users
  to inform <a href="#website">websites</a> that they do not want to be
  <a href="#user_tracking">tracked</a> by third-party websites and
  <a href="#web_application">web applications</a>. A user&apos; tracking
  preferences is included in the <a href="#http">HTTP</a> header and sent
  to the website. &brandShortName; supports sending <q>Do Not Track</q>
  requests, but websites are not obligated to honor those.</dd>

<dt id="dual_key_pairs">dual key pairs</dt><dd>Two public-private key
  pairs&mdash;four keys altogether&mdash;corresponding to two separate
  certificates. The private key of one pair is used for signing operations, and
  the public and private keys of the other pair are used for encryption and
  decryption operations. Each pair corresponds to a separate
  <a href="#certificate">certificate</a>. See also
  <a href="#public-key_cryptography">public-key cryptography</a>.</dd>

<dt id="eavesdropping">eavesdropping</dt><dd>Surreptitious interception of
  information sent over a network by an entity for which the information is not
  intended.</dd>

<dt id="encryption">encryption</dt><dd>The process of scrambling information in
  a way that disguises its meaning. For example, encrypted connections between
  computers make it very difficult for third-parties to unscramble, or
  <em>decrypt</em>, information flowing over the connection. Encrypted
  information can be decrypted only by someone who possesses the appropriate
  key. See also <a href="#public-key_cryptography">public-key
  cryptography</a>.</dd>

<dt id="encryption_certificate">encryption certificate</dt><dd>A
  <a href="#certificate">certificate</a> whose public key is used for
  encryption only. Encryption certificates are not used for signing operations.
  See also <a href="#dual_key_pairs">dual key pairs</a>,
  <a href="#signing_certificate">signing certificate</a>.</dd>

<dt id="encryption_key">encryption key</dt><dd>A private key used for
  encryption only. An encryption key and its equivalent private key, plus a
  <a href="#signing_key">signing key</a> and its equivalent public key,
  constitute a <a href="#dual_key_pairs">dual key pairs</a>.</dd>

<dt id="extension">extension</dt><dd>A type of <a href="#add-on">add-on</a>
  that changes the behavior of &brandShortName; or adds new features to
  it.</dd>

<dt id="feed">feed</dt><dd>A frequently updated source of references to web
  pages, usually blog articles or news. Technically it is an XML document
  available through a public well-known URL, comprising of several items inside,
  each one containing some metadata (possibly including a summary) and an URL
  to the full blog or news article. The XML document is regenerated at fixed
  intervals, or whenever a new article is published to the website. Web
  applications can subscribe to the URL serving the feed and present the new
  articles as they are updated in the underlying XML document. There are
  specific XML formats for feeds, most common of which are
  <a href="#rss">RSS</a> and Atom.</dd>

<dt id="fingerprint">fingerprint (certificate)</dt><dd>See
  <a href="#certificate_fingerprint">certificate fingerprint</a>.</dd>

<dt id="fingerprinting">fingerprinting (browser)</dt><dd>A method of
  <a href="#user_tracking">user tracking</a> by which a user is identified
  based on browser characteristics like browser and operating system versions,
  stated language preferences, or <a href="#plugin">plugins</a> installed.</dd>

<dt id="fips_pubs_140-1">FIPS PUBS 140-1</dt><dd>Federal Information Processing
  Standards Publications (FIPS PUBS) 140-1 is a US government standard for
  implementations of cryptographic modules&mdash;that is, hardware or software
  that encrypts and decrypts data or performs other cryptographic operations
  (such as creating or verifying digital signatures). Many products sold to the
  US government must comply with one or more of the FIPS standards.</dd>

<dt id="foreign_cookie">foreign cookie</dt><dd>See
  <a href="#third-party_cookie">third-party cookie</a>.</dd>

<dt id="frame">frame</dt><dd>Frames are <a href="#web_page">web pages</a>
  contained inside of an all-encompasssing <q>meta</q> page.</dd>

<dt id="ftp">FTP (File Transfer Protocol)</dt><dd>A
  standard that allows users to transfer files from one computer to another
  over a network. You can use your browser to fetch files using FTP.</dd>

<dt id="helper_application">helper application</dt><dd>Any application that is
  used to open or view a file downloaded by the browser. A
  <a href="#plugin">plugin</a> is a special kind of helper application that
  installs itself into the Plugins directory of the main browser installation
  directory and can typically be opened within the browser itself (internally).
  Microsoft Word, Adobe Photoshop, and other external applications are
  considered helper applications but not plugins, since they don&apos;t
  install themselves into the browser directory, but can be opened from the
  download dialog box.</dd>

<dt id="home_page">home page</dt><dd>The page your browser is set to display
  every time you launch it or when you click the Home button. Also used to
  refer to the main page for a website, from which you can explore the rest of
  the website.</dd>

<dt id="html">HTML (HyperText Markup Language)</dt><dd>The document format used
  for web pages. The HTML standard defines tags, or codes, used to define the
  text layout, fonts, style, images, and other elements that make up a web
  page.</dd>

<dt id="http">HTTP (HyperText Transfer Protocol)</dt><dd>The protocol used to
  transfer <a href="#web_page">web pages</a> (HyperText documents) between
  browsers and <a href="#server">servers</a> over the
  <a href="#world_wide_web">World Wide Web</a>.</dd>

<dt id="https">HTTPS (HyperText Transfer Protocol Secure)</dt><dd>The secure
  version of the HTTP protocol that uses <a href="#ssl">SSL</a> to ensure the
  privacy of customer data (such as credit card information) while en route
  over the <a href="#internet">Internet</a>.</dd>

<dt id="imap">IMAP (Internet Message Access Protocol)</dt><dd>A standard mail
  server protocol that allows you to store all your messages and any changes to
  them on the server rather than on your computer&apos;s hard disk. Using IMAP
  rather than <a href="#pop">POP</a> saves disk space and allows you to access
  your entire mailbox, including sent mail, drafts, and custom folders, from
  any location. Using an IMAP server over a modem is generally faster than
  using a POP mail server, since you initially download message headers only.
  Not all <a href="#isp">ISPs</a> support IMAP.</dd>

<dt id="implicit_consent">implicit consent</dt><dd>Also known as implied or
  <q>opt-out</q> consent. Used to describe privacy settings that may allow
  websites to gather information about you (for example by means of
  <a href="#cookie">cookies</a> and online forms) unless you explicitly choose
  to withhold your consent by selecting an option on a page that the website
  provides for that purpose. Your consent may not be requested when the
  information is actually gathered. See also <a href="#user_tracking">user
  tracking</a>.</dd>

<dt id="internet">Internet</dt><dd>A worldwide network of millions of computers
  that communicate with each other using standard protocols such as
  <a href="#tcp_ip">TCP/IP</a>. Originally developed for the US military in
  1969, the Internet grew to include educational and research institutions and,
  in the late 1990s, millions of businesses, organizations, and individuals.
  Today the Internet is used for email, browsing the
  <a href="#world_wide_web">World Wide Web (WWW)</a>, instant messaging,
  usegroups, and many other purposes.</dd>

<dt id="ip_address">IP address (Internet protocol address)</dt><dd>The address
  of a computer on a <a href="#tcp_ip">TCP/IP</a> network. Every computer on
  the <a href="#internet">Internet</a> has an IP address.
  <a href="#client">Clients</a> have either a permanent IP address or one that
  is dynamically assigned to them each time they connect with the network. IP
  addresses are written as four sets of numbers, like this: 204.171.64.2.</dd>

<dt id="irc">IRC (Internet Relay Chat)</dt><dd>A protocol used to chat with
  other people in real-time using an IRC <a href="#client">client</a>.</dd>

<dt id="isp">ISP (Internet Service Provider)</dt><dd>A company/institution
  that provides <a href="#internet">Internet</a> connections.</dd>

<dt id="java">Java</dt><dd>A programming language developed by Sun
  Microsystems. A single Java program can run on many different kinds of
  computers, thus avoiding the need for programmers to create a separate
  version of each program for each kind of computer. Your browser can
  automatically download and run Java programs (also called applets).</dd>

<dt id="javascript">JavaScript</dt><dd>A scripting language commonly used to
  construct <a href="#web_page">web pages</a>. Programmers use JavaScript to
  make web pages more interactive; for example, to display forms and buttons.
  JavaScript can be used with <a href="#java">Java</a>, but is technically a
  separate language. Java is not required for JavaScript to work
  correctly.</dd>

<dt id="key">key</dt><dd>A large number used by a
  <a href="#cryptographic_algorithm">cryptographic algorithm</a> to encrypt or
  decrypt data. A person&apos;s public key, for example, allows other people to
  encrypt messages to that person. The encrypted messages must be decrypted
  with the corresponding private key. See also
  <a href="#public-key_cryptography">public-key cryptography</a>.</dd>

<dt id="language_pack">language pack</dt><dd>A type of
  <a href="#add-on">add-on</a> that adds a new language to the user interface
  of &brandShortName;.</dd>

<dt id="ldap">LDAP (Lightweight Directory Access Protocol)</dt><dd>A standard
  protocol for accessing directory services, such as corporate address books,
  across multiple platforms. You can set up your browser to access LDAP
  directories from the Address Book. You can also set up Mail &amp; Newsgroups
  to use an LDAP directory for email address autocompletion.</dd>

<dt id="location_bar">Location Bar</dt><dd>The field (and associated buttons)
  near the top of a browser window where you can type a
  <a href="#url">URL</a> or search terms.</dd>

<dt id="malware">Malware</dt><dd>Short for <q><u>Mal</u>icious
  Soft<u>ware</u></q> and a general term for a variety of software designed
  to disrupt computer operation, gather sensitive information, or gain access
  to your computer. They can be distributed by infected <a href="#web_page">web
  pages</a> or as attachments to email messages. Examples include viruses,
  worms, trojans, spyware, or adware. Malware may redistribute itself by
  sending out email messages to infect other computers.</dd>

<dt id="master_key">master key</dt><dd>A symmetric key used by
  <a href="#certificate_manager">Certificate Manager</a> to encrypt
  information. For example, <a href="#password_manager">Password Manager</a>
  uses Certificate Manager and your master key to encrypt email passwords,
  website passwords, and other stored sensitive information. See also
  <a href="#symmetric_encryption">symmetric encryption</a>.</dd>

<dt id="master_password">master password</dt><dd>A password used by
  Certificate Manager to protect the master key and/or private keys stored on a
  <a href="#security_device">security device</a>. Certificate Manager needs to
  access your private keys, for example, when you sign email messages or use
  one of your own certificates to identify yourself to a website. It needs to
  access your master key when Password Manager or Form Manager reads or adds to
  your personal information. You can set or change your master password from
  the Master Passwords preferences panel. Each security device requires a
  separate master password. See also <a href="#private_key">private key</a>,
  <a href="#master_key">master key</a>.</dd>

<dt id="misrepresentation">misrepresentation</dt><dd>Presentation of an entity
  as a person or organization that it is not. For example, a website might
  pretend to be a furniture store when it is really just a website that takes
  credit card payments but never sends any goods. See also
  <a href="#spoofing">spoofing</a>.</dd>

<dt id="navigation_toolbar">Navigation Toolbar</dt><dd>The toolbar near the top
  of the browser window that includes the Back and Forward buttons.</dd>

<dt id="nonrepudiation">nonrepudiation</dt><dd>The inability, of the sender of
  a message, to deny having sent the message. A regular hand-written signature
  provides one form of nonrepudiation. A
  <a href="#digital_signature">digital signature</a> provides another.</dd>

<dt id="notification_bar">notification bar</dt><dd>A bar that appears at the
  top of the content area to inform you about something that needs your
  attention, e.g. when the Password Manager can save a password for you, a
  popup has been blocked or an additional plugin is required.</dd>

<dt id="object_signing">object signing</dt><dd>A technology that allows
  software developers to sign Java code, JavaScript scripts, or any kind of
  file, and that allows users to identify the signers and control access by
  signed code to local system resources.</dd>

<dt id="object-signing_certificate">object-signing certificate</dt><dd>A
  certificate whose corresponding private key is used to sign objects such as
  code files. See also <a href="#object_signing">object signing</a>.</dd>

<dt id="ocsp">OCSP (Online Certificate Status Protocol)</dt><dd>A set of rules
  that <a href="#certificate_manager">Certificate Manager</a> follows to
  perform an online check of a certificate&apos;s validity each time the
  certificate is used. This process involves checking the certificate against a
  list of valid certificates maintained at a specified website. Your computer
  must be online for OCSP to work.</dd>

<dt id="opml">OPML (Outline Processor Markup Language)</dt><dd>An XML format
  used to list <a href="#feed">feed</a> collections. Although broader in its
  specification, it is mainly used nowadays to export and import feed
  collections between different feed aggregators or readers, like
  &brandShortName;.</dd>

<dt id="password-based_authentication">password-based
  authentication</dt><dd>Confident identification by means of a name and
  password. See also <a href="#authentication">authentication</a>.</dd>

<dt id="password_manager">Password Manager</dt><dd>The part of the
  browser that can help you remember some or all of your names and passwords by
  storing them on your computer&apos;s hard disk, and entering them for you
  automatically when you visit such websites.</dd>

<dt id="personal_toolbar">Personal Toolbar</dt><dd>The customizable toolbar
  that appears just below the location bar by default in the browser. It
  contains standard buttons such as Home, Bookmarks, and so on that you can add
  or remove. You can also add buttons for your favorite bookmarks, or folders
  containing groups of bookmarks.</dd>

<dt id="phishing">Phishing</dt><dd>Phishing is a fraudulent business scheme in
  which a party creates counterfeit websites, hijacking brand names of banks,
  e-retailers and credit card companies, trying to collect victims&apos;
  personal information.</dd>

<dt id="pkcs_11">PKCS #11</dt><dd>The public-key cryptography standard that
  governs security devices such as smart cards. See also
  <a href="#security_device">security device</a>, <a href="#smart_card">smart
  card</a>.</dd>

<dt id="pkcs_11_module">PKCS #11 module</dt><dd>A program on your computer
  that manages cryptographic services such as encryption and decryption using
  the PKCS #11 standard. Also called <em>cryptographic modules</em>,
  <em>cryptographic service providers</em>, or <em>security modules</em>,
  PKCS #11 modules control either hardware or software devices. A PKCS #11
  module always controls one or more slots, which may be implemented as some
  form of physical reader (for example, for reading smart cards) or in
  software. Each slot for a PKCS #11 module can in turn contain a
  <a href="#security_device">security device</a> (also called <em>token</em>),
  which is the hardware or software device that provides cryptographic services
  and stores certificates and keys. <a href="#certificate_manager">Certificate
  Manager</a> provides two built-in PKCS #11 modules. You may install
  additional modules on your computer to control smart card readers or other
  hardware devices.</dd>

<dt id="pki">PKI (public-key infrastructure)</dt><dd>The standards and services
  that facilitate the use of public-key cryptography and certificates in a
  networked environment.</dd>

<dt id="plugin">plugin</dt><dd>A type of
  <a href="#helper_application">helper application</a> that adds new
  capabilities to your browser, such as the ability to play audio or video
  clips. Unlike other kinds of helper applications, a plugin application
  installs itself into the Plugins directory within the main browser
  installation directory and typically can be opened within the browser itself
  (internally). For example, an audio plugin lets you listen to audio files on
  a <a href="#web_page">web page</a> or in an email message. Macromedia Flash
  Player and Java are both examples of plugin applications.</dd>

<dt id="pop">POP (Post Office Protocol)</dt><dd>A standard mail server protocol
  that requires you to download new messages to your local
  computer&mdash;although you can choose to leave copies on the server. With
  POP, you can store all your messages, including sent mail, drafts, and custom
  folders, on one computer only. By contrast,
  <a href="#imap">IMAP</a> allows you to permanently store all your messages
  and any changes to them on the server, where you can access them from any
  computer. Most <a href="#isp">ISPs</a> currently support POP.</dd>

<dt id="private_browsing">private browsing</dt><dd>Browsing in a session in
  which no private data (like browsing history, <a href="#cookie">cookies</a>,
  and <a href="#cache">cached</a> content) are retained beyond the duration of
  the private session. Private browsing should not be confused with anonymous
  browsing and does not prevent <a href="#user_tracking">user tracking</a> or
  monitoring of web activity by an internet provider or employer.</dd>

<dt id="private_key">private key</dt><dd>One of a pair of
  <a href="#key">keys</a> used in public-key cryptography. The private key is
  kept secret and is used to decrypt data that has been encrypted with the
  corresponding public key.</dd>

<dt id="proxy">proxy</dt><dd>An intermediary or <q>go-between</q> program that
  acts as both a <a href="#server">server</a> and a
  <a href="#client">client</a> for the purpose of making requests on behalf of
  other clients.</dd>

<dt id="public_key">public key</dt><dd>
  One of a pair of <a href="#key">keys</a> used in public-key cryptography.
  The public key is distributed freely and published as part of a
  <a href="#certificate">certificate</a>. It is typically used to encrypt data
  sent to the public key&apos;s owner, who then decrypts the data with the
  corresponding private key.</dd>

<dt id="public-key_cryptography">public-key cryptography</dt><dd>A set of
  well-established techniques and standards that allow an entity (such as a
  person, an organization, or hardware such as a router) to verify its identity
  electronically or to sign and encrypt electronic data. Two keys are involved:
  a <a href="#public_key">public key</a> and a <a href="#private_key">private
  key</a>. The public key is published as part of a
  <a href="#certificate">certificate</a>, which associates that key with a
  particular identity. The corresponding private key is kept secret. Data
  encrypted with the public key can be decrypted only with the private key.
  </dd>

<dt id="root_ca">root CA</dt><dd>The
  <a href="#certificate_authority">certificate authority (CA)</a> with a
  self-signed certificate at the top of a
  <a href="#certificate_chain">certificate chain</a>. See also
  <a href="#subordinate_ca">subordinate CA</a>.</dd>

<dt id="rss">RSS (Really Simple Syndication)</dt><dd>An <a href="#xml">XML</a>
  data format for web <a href="#feed">feeds</a>.</dd>

<dt id="safe_browsing">safe browsing</dt><dd>Protection against common threats
  from <a href="#malware">Malware</a> and <a href="#phishing">Phishing</a> by
  checking each <a href="#web_page">web page</a> against a list of reported
  websites. If the web page you are about to visit has been reported as
  containing malicious content, &brandShortName; prevents it from loading
  and shows a warning instead.</dd>

<dt id="search_engine">search engine</dt><dd>A web-based program that allows
  users to search for and retrieve specific information from the
  <a href="#world_wide_web">World Wide Web (WWW)</a>. The search engine may
  search the full text of web documents or a list of keywords, or use
  librarians who review web documents and index them manually for retrieval.
  Typically, the user types a word or phrase, also called a query, into a
  search box, and the search engine displays links to relevant web pages.</dd>

<dt id="secure_authentication">secure authentication</dt><dd>A type of
  <a href="#authentication">authentication</a> which uses a
  <a href="#secure_connection">secure connection</a> so the communication
  between client and server is encrypted.</dd>

<dt id="secure_connection">secure connection</dt><dd>A connection between a
  client and a server which uses some type of encryption (usually,
  <a href="#ssl">SSL</a>) to ensure it can&apos;t be intercepted by
  third-parties. Most of the time, the server is the one providing the
  certificate to identify itself.</dd>

<dt id="security_certificate">security certificate</dt><dd>See
  <a href="#certificate">certificate</a>.</dd>

<dt id="security_device">security device</dt><dd>Hardware or software that
  provides cryptographic services such as encryption and decryption and can
  store certificates and keys. A <a href="#smart_card">smart card</a> is one
  example of a security device implemented in hardware.
  <a href="#certificate_manager">Certificate Manager</a> contains its own
  built-in security device, called the
  <a href="#software_security_device">software security device</a>, that is
  always available while the browser is running. Each security device is
  protected by its own <a href="#master_password">master password</a>.</dd>

<dt id="security_module">security module</dt><dd>See
  <a href="#pkcs_11_module">PKCS #11 module</a>.</dd>

<dt id="security_token">security token</dt><dd>See
  <a href="#security_device">security device</a>.</dd>

<dt id="server">server</dt><dd>Software (such as software that serves up web
  pages) that receives requests from and sends information to a
  <a href="#client">client</a>, which is usually running on a different
  computer. A computer on which server software runs is also described as a
  server.</dd>

<dt id="server_authentication">server authentication</dt><dd>The process of
  identifying a <a href="#server">server</a> to a <a href="#client">client</a>
  by using a <a href="#server_ssl_certificate">server SSL certificate</a>. See
  also <a href="#client_authentication">client authentication</a>,
  <a href="#ssl">SSL (Secure Sockets Layer)</a>.</dd>

<dt id="server_ssl_certificate">server SSL certificate</dt><dd>A
  certificate that a <a href="#server">server</a> presents to a
  <a href="#client">client</a> to authenticate the server&apos;s identity using
  the <a href="#ssl">SSL (Secure Sockets Layer)</a> protocol.</dd>

<dt id="signing_certificate">signing certificate</dt><dd>A certificate whose
  corresponding <a href="#private_key">private key</a> is used to sign
  transmitted data, so that the receiver can verify the identity of the sender.
  Certificate authorities (CAs) often issue a signing certificate that will be
  used to sign email messages at the same time as an
  <a href="#encryption_certificate">encryption certificate</a> that will be
  used to encrypt email messages. See also <a href="#dual_key_pairs">dual key
  pairs</a>, <a href="#digital_signature">digital signature</a>.</dd>

<dt id="signing_key">signing key</dt><dd>A private key used for signing only.
  A signing key and its equivalent public key, together with an
  <a href="#encryption_key">encryption key</a> and its equivalent private key,
  constitute <a href="#dual_key_pairs">dual key pairs</a>.</dd>

<dt id="slot">slot</dt><dd>A piece of hardware, or its equivalent in software,
  that is controlled by a <a href="#pkcs_11_module">PKCS #11 module</a> and
  designed to contain a <a href="#security_device">security device</a>.</dd>

<dt id="smart_card">smart card</dt><dd>A small device, typically about the size
  of a credit card, that contains a microprocessor and is capable of storing
  cryptographic information (such as keys and certificates) and performing
  cryptographic operations. Smart cards use the <a href="#pkcs_11">PKCS #11</a>
  standard. A smart card is one kind of <a href="#security_device">security
  device</a>.</dd>

<dt id="smtp">SMTP (Simple Mail Transfer Protocol)</dt><dd>A protocol that
  sends email messages across the <a href="#internet">Internet</a>.</dd>

<dt id="socks">SOCKS</dt><dd>A protocol that a <a href="#proxy">proxy</a>
  server can use to accept requests from client users in an internal network
  so that it can forward them across the <a href="#internet">Internet</a>.</dd>

<dt id="software_security_device">software security device</dt><dd>The default
  <a href="#security_device">security device</a> used by
  <a href="#certificate_manager">Certificate Manager</a> to store private keys
  associated with your certificates. In addition to private keys, the software
  security device stores the master key used by
  <a href="#password_manager">Password Manager</a> to encrypt email passwords,
  website passwords, and other sensitive information. See also
  <a href="#private_key">private key</a> and <a href="#master_password">master
  key</a>.</dd>

<dt id="spoofing">spoofing</dt><dd>Pretending to be someone else. For example,
  a person can pretend to have the email address <tt>jdoe@mozilla.com</tt>, or
  a computer can identify itself as a website called <tt>www.mozilla.com</tt>
  when it is not. Spoofing is one form of
  <a href="#misrepresentation">misrepresentation</a>.</dd>

<dt id="ssl">SSL (Secure Sockets Layer)</dt><dd>A protocol that allows mutual
  authentication between a <a href="#client">client</a> and a
  <a href="#server">server</a> for the purpose of establishing an authenticated
  and encrypted connection. SSL runs above <a href="#tcp_ip">TCP/IP</a> and
  below <a href="#http">HTTP</a>, <a href="#ldap">LDAP</a>,
  <a href="#imap">IMAP</a>, NNTP, and other high-level network protocols.
  The new Internet Engineering Task Force (IETF) standard called Transport
  Layer Security (TLS) is based on SSL. See also
  <a href="#authentication">authentication</a>,
  <a href="#encryption">encryption</a>.</dd>

<dt id="starttls">STARTTLS</dt><dd>An extension to common standard TCP
  protocols (like SMTP, POP or IMAP) so the client can tell the server to
  use <a href="#tls">TLS</a> on the same TCP port as for non-secure
  connections.</dd>

<dt id="status_bar">Status Bar</dt><dd>The toolbar that appears at the bottom
  of any &brandShortName; window. It includes the
  <a href="#component_bar">Component Bar</a> on the left and status icons on
  the right.</dd>

<dt id="subject">subject</dt><dd>The entity (such as a person, organization,
  or router) identified by a <a href="#certificate">certificate</a>. In
  particular, the subject field of a certificate contains the certified
  entity&apos;s <a href="#subject_name">subject name</a> and other
  characteristics.</dd>

<dt id="subject_name">subject name</dt><dd>A
  <a href="#distinguished_name">distinguished name (DN)</a> that uniquely
  describes the <a href="#subject">subject</a> of a
  <a href="#certificate">certificate</a>.</dd>

<dt id="subordinate_ca">subordinate CA</dt><dd>A
  <a href="#certificate_authority">certificate authority (CA)</a> whose
  certificate is signed by another subordinate CA or by the root CA. See also
  <a href="#certificate_chain">certificate chain</a>, <a href="#root_ca">root
  CA</a>.</dd>

<dt id="symmetric_encryption">symmetric encryption</dt><dd>An encryption method
  that uses a single cryptographic key to both encrypt and decrypt a given
  message.</dd>

<dt id="tamper_detection">tamper detection</dt><dd>A mechanism ensuring that
  data received in electronic form has not been tampered with; that is, that
  the data received corresponds entirely with the original version of the same
  data.</dd>

<dt id="tcp">TCP</dt><dd>See <a href="#tcp_ip">TCP/IP</a>.</dd>

<dt id="tcp_ip">TCP/IP (Transmission Control Protocol/Internet
  Protocol)</dt><dd>A Unix protocol used to connect computers running a variety
  of operating systems. TCP/IP is an essential Internet protocol and has become
  a global standard.</dd>

<dt id="theme">theme</dt><dd>A type of <a href="#add-on">add-on</a> that changes
  the appearance of &brandShortName;.</dd>

<dt id="third-party_cookie">third-party cookie</dt><dd>A
  <a href="#cookie">cookie</a> from one <a href="#website">website</a> that
  gets stored on your computer when you visit a different website. Sometimes a
  website displays content that is hosted on another website. That content can
  be anything from an image to text or an advertisement. The second website
  that hosts such elements also has the ability to store a cookie in your
  browser, even though you don&apos;t visit it directly. Also known as
  <q>foreign cookie</q>.</dd>

<dt id="tls">TLS</dt><dd>Transport Layer Security (TLS) is the new Internet
  Engineering Task Force (IETF) standard based on SSL (Secure Sockets Layer).
  See also <a href="#ssl">SSL</a> and
  <a href="#encryption">encryption</a>.</dd>

<dt id="token">token</dt><dd>See <a href="#security_device">security
  device</a>.</dd>

<dt id="tooltip">tooltip</dt><dd>A small box with text that appears when
  you hover your mouse's cursor over certain items. It usually contains
  information regarding the item being hovered over.</dd>

<dt id="trust">trust</dt><dd>Confident reliance on a person or other entity. In
  the context of <a href="#pki">PKI (public-key infrastructure)</a>, trust
  usually refers to the relationship between the user of a certificate and the
  <a href="#certificate_authority">certificate authority (CA)</a> that issued
  the certificate. If you use Certificate Manager to specify that you trust a
  CA, Certificate Manager trusts valid certificates issued by that CA unless
  you specify otherwise in the settings for individual certificates. You use
  the Authorities tab in Certificate Manager to specify the kinds of
  certificates you do or don&apos;t trust specific CAs to issue.</dd>

<dt id="url">URL (Uniform Resource Locator)</dt><dd>The standardized address
  that tells your browser how to locate a file or other resource on the Web.
  For example: <tt>http://www.mozilla.org.</tt> You can type URLs into the
  browser&apos;s <a href="#location_bar">Location Bar</a> to access
  <a href="#web_page">web pages</a>. URLs are also used in the links on web
  pages that you can click to go to other web pages. Also known as an Internet
  address or Web address.</dd>

<dt id="user_tracking">user tracking</dt><dd>Methods that some
  <a href="#website">websites</a>, including advertisers and analytics services,
  employ to determine patterns in how you browse the web (e.g., what websites
  you have visited, which preferences you have voiced using buttons embedded by
  social networks, and your purchase history). This information is mostly used
  to show you specifically targeted offers or advertisements for products or
  services. Mechanisms for user tracking include <a href="#cookie">cookies</a>
  and <a href="#fingerprinting">browser fingerprinting</a>. See also
  <a href="#do_not_track">Do Not Track</a>.</dd>

<dt id="web_application">web application</dt><dd>An application that is not
  running on your computer but remotely on a <a href="#website">website</a>.
  Examples include web-mail systems or web-based systems where you enter
  information into a form and receive a response as a <a href="#web_page">web
  page</a>. An <i>offline</i> web application can work without a current
  connection to the <a href="#internet">Internet</a> by saving the relevant
  pages locally before running the application.</dd>

<dt id="web_page">web page</dt><dd>A single document on the World Wide Web that
  is specified by a unique address or <a href="#url">URL</a> and that may
  contain text, hyperlinks, and graphics.</dd>

<dt id="website">website</dt><dd>A group of related web pages linked by
  hyperlinks and managed by a single company, organization, or individual. A
  website may include text, graphics, audio and video files, and links to
  other websites.</dd>

<dt id="world_wide_web">World Wide Web (WWW)</dt><dd>Also known as the Web. A
  portion of the <a href="#internet">Internet</a> that is made up of web pages
  stored by web <a href="#server">servers</a> and displayed by
  <a href="#client">clients</a> called web browsers (such as
  &brandShortName;).</dd>

<dt id="wpad">WPAD (Web Proxy AutoDiscovery)</dt><dd>A proposed Internet
  protocol that allows a Web browser to automatically locate and interface
  with <a href="#proxy">proxy</a> services in a network.</dd>

<dt id="xml">XML (Extensible Markup Language)</dt><dd>An open standard for
  describing data. Unlike <a href="#html">HTML</a>, XML allows the developer of
  a web page to define special tags. For more information, see the online W3C
  document
  <a href="http://www.w3.org/XML/">Extensible Markup Language (XML)</a>.</dd>

<dt id="xslt">XSLT (Extensible Stylesheet Language Transformation)</dt><dd>A
  language used to convert an XML document into another XML document or into
  some other format.</dd>

<dt id="xul">XUL (XML User Interface Language)</dt><dd>A XML markup language
  for creating user interfaces in applications.</dd>

</dl>

</body>
</html>
